First published: Fri Dec 31 2004(Updated: )
The administrative interface (surgeftpmgr.cgi) for SurgeFTP Server 1.0b through 2.2k1 allows remote attackers to cause a temporary denial of service (crash) via requests with two percent (%) signs in the CMD parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
NetWin SurgeFTP | =1.0b | |
NetWin SurgeFTP | =2.2k1 | |
NetWin SurgeFTP | =2.0c | |
NetWin SurgeFTP | =2.0a | |
NetWin SurgeFTP | =2.0b | |
NetWin SurgeFTP | =2.0a | |
NetWin SurgeFTP | =2.0d | |
NetWin SurgeFTP | =2.0e | |
NetWin SurgeFTP | =2.0f | |
NetWin SurgeFTP | =2.0b | |
NetWin SurgeFTP | =1.0b | |
NetWin SurgeFTP | =1.0b | |
NetWin SurgeFTP | =1.0b | |
NetWin SurgeFTP | =2.0a | |
NetWin SurgeFTP | =2.0a | |
NetWin SurgeFTP | =2.0b | |
NetWin SurgeFTP | =2.0b | |
NetWin SurgeFTP | =2.0c | |
NetWin SurgeFTP | =2.0d | |
NetWin SurgeFTP | =2.0e | |
NetWin SurgeFTP | =2.0f | |
NetWin SurgeFTP | =2.2k1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.